[Previous] [Contents] [Index] [Next]

/etc/gateways

Specify Internet routing information to routed

Name:

/etc/gateways

Description:

The /etc/gateways file identifies gateways for the routed daemon. Typically, the routed daemon queries the network and builds routing tables based on the routing information transmitted by other hosts that are directly connected to the network. Gateways that the daemon can't identify through its queries (also called distant gateways) may be identified in this file.

When the routed daemon starts, it calls this file to:

Gateways must be marked as passive, active or external to indicate how it is to be treated:

active
Is willing to exchange RIP (Routing Information Protocol) packets -- they're treated like network interfaces.
passive
Aren't expected to exchange routing information.
external
Are to be considered passive. Another routing process will install such a route if necessary, and other routes to that destination shouldn't be installed by routed.

Each entry is contained on a single line. Blank lines and lines starting with a pound sign (#) indicates a comment. An entry may specify user preferences (see "Other parameter settings"), or it can indicate whether the route is to a network a specific host using one of the following formats:

net Nname[/mask] gateway Gname metric value <passive|active|extern>

host Hname gateway Gname metric value <passive|active|extern>
Gname
Name or address of the gateway to which RIP (Routing Information Protocol) responses should be forwarded.
Hname or Nname
Name of the destination network or host. It may be a symbolic network name (as used in /etc/hosts or /etc/networks) or an Internet address specified in the conventional "." (dot) notation using the inet_network() routine from the internet address manipulation functions, inet_*().

If it's a symbolic network name, then it must either be defined in /etc/networks or /etc/hosts, or named and must be started before routed.

mask
Optional number, between 1 and 32, that indicates the netmask associated with Nname.
value
The hop count to the destination host or network.
active
Send RIP responses to the distant active gateway. As long as the gateway is active, information about it is maintained in the internal routing tables, and will be included with any routing information transmitted through RIP. If the gateway doesn't respond for a period of time, the associated route is deleted from the internal routing tables and the RIP responses are advertised via other interfaces. If the distant gateway resumes sending RIP responses, the associated route is restored.

Such gateways can be useful on media that don't support broadcasts or multicasts but otherwise act like classic shared media like Ethernets such as some ATM networks. One can list all RIP routers reachable on the HIPPI or ATM network in /etc/gateways with a series of "host" lines. Note that it's usually desirable to use RIPv2 in such situations to avoid generating lists of inferred host routes.

passive
Don't exchange RIP (Routing Information Protocol) information. Mark the interface as not to be advertised in updates sent via other interfaces, and turn off all RIP and router discovery through the interface.

Routes through passive gateways are installed in the kernel's routing tables once at startup and aren't included in transmitted RIP responses.

extern
Inform the routed daemon that another routing process will install such a route and that alternative routes to that destination shouldn't be installed by routed. Information about external gateways is not maintained in the internal routing tables and isn't transmitted through RIP. Such entries are only required when both routers may learn of routes to the same destination.

When debugging is turned on with -T, these lines create pseudo-interfaces. When setting parameters for remote or external interfaces, you should start the lines with: if=alias(Hname), or if=remote(Hname), etc.

Other parameter settings

Lines that don't start with net or host must consist of one or more of the following parameter settings, separated by commas or blanks:

bcast_rdisc
Specify that Router Discovery packets should be broadcast instead of multicast.
fake_default=metric
Identical effect to the following with the network and mask coming from the specified interface:

-F net[/mask][=metric]

if=ifname
Indicate that the other parameters on the line apply to the interface name ifname.
md5_passwd=XXX|KeyID[start|stop]
Specify a RIPv2 MD5 password. This keyword is similar to passwd, except that a KeyID is required.
no_ag
Turn off collection (aggregation) of subnets in RIPv1 and RIPv2 responses.
no_rdisc
Disable the Internet Router Discovery Protocol.
no_rdisc_adv
Disable the transmission of Router Discovery Advertisements.
no_rip
Disable all RIP processing on the specified interface. If no interfaces are allowed to process RIP packets, routed acts purely as a router discovery daemon.

Note that turning off RIP without explicitly turning on router discovery advertisements with rdisc_adv or -s causes routed to act as a client router discovery daemon, not advertising.

no_rip_mcast
Cause RIPv2 packets to be broadcast instead of multicast.
no_ripv1_in
Ignore RIPv1 received responses.
no_solicit
Disable the transmission of Router Discovery Solicitations.
no_super_ag
Turn off the collection of networks into supernets in RIPv2 responses.
passwd=XXX[|KeyID[start|stop]]
Specify a RIPv2 cleartext password that'll be included in all RIPv2 responses sent, and checked in all RIPv2 responses received. Any blanks, tab characters, commas, or #, |, or NULL characters in the password must be escaped with a backslash (\). The common escape sequences \n, \r, \t, \b, and \xxx have their usual meanings. The KeyID must be unique but is ignored for cleartext passwords. If present, start and stop are timestamps in the form year/month/day@hour:minute. They specify when the password is valid. The valid password with the most future is used on output packets, unless all passwords have expired, in which case the password that expired most recently is used, or unless no passwords are valid yet, in which case no password is output. Incoming packets can carry any password that's valid, will be valid within 24 hours, or that was valid within 24 hours. To protect the secrets, the passwd settings are valid only in the /etc/gateways file and only when that file is readable only by root.
pm_rdisc
Similar to fake_default. When RIPv2 routes are multicast, so that RIPv1 listeners cannot receive them, this feature causes a RIPv1 default route to be broadcast to RIPv1 listeners. Unless modified with fake_default, the default route is broadcast with a metric of 14. That serves as a "poor man's router discovery" protocol.
rdisc_adv
Specify that Router Discovery Advertisements should be sent, even on point-to-point links, which by default only listen to Router Discovery messages.
rdisc_interval=N
Set the nominal interval with which Router Discovery Advertisements are transmitted to N seconds and their lifetime to 3*N.
rdisc_pref=N
Set the preference in Router Discovery Advertisements to the optionally signed integer N (default preference is 0). Default routes with smaller or more negative preferences are preferred by clients.
redirect_ok
Cause RIP to allow ICMP Redirect messages when the system is acting as a router and forwarding packets. Otherwise, override ICMP Redirect messages.
ripv1_mask=nname/mask1,mask2
Specify that the netmask of the network, of which nname/mask1 is a subnet, should be mask2. For example, ripv1_mask=192.0.2.16/28,27 marks 192.0.2.16/28 as a subnet of 192.0.2.0/27 instead of 192.0.2.0/24.

It's better to turn on RIPv2 with ripv2_out, instead of using this facility.

ripv2
Enable RIPv2. It's equivalent to no_ripv1_in and no_ripv1_out.
ripv2_out
Turn on RIPv2 output and cause RIPv2 advertisements to be multicast when possible.
send_solicit
Specify that Router Discovery solicitations should be sent, even on point-to-point links, which by default only listen to Router Discovery messages.
subnet=nname[/mask][,metric]
Advertise a route to network nname with mask mask and the supplied metric (default is 1). This parameter must appear by itself on a line. The network number must specify a full, 32-bit value, as in 192.0.2.0 instead of 192.0.2.

Although this feature may be useful for filling "holes" in CIDR allocations, it's a dangerous feature and shouldn't be used unless necessary.

trust_gateway=rname[|net1/mask1|net2/mask2|...]
Cause RIP packets from that router and other routers named in other trust_gateway keywords to be accepted, and packets from other routers to be ignored. If networks are specified, then routes to other networks will be ignored from that router.

See also:

routed, rtquery


[Previous] [Contents] [Index] [Next]